‘Your account is being used by another person!’ sextortion email scam
An email scam sends you a message with “Your account is being used by another person!” as the subject and claims to have sent the message from your account.
A recently discovered sextortion email scam sends you an email message from your own account and claims to have recorded you through your webcam while you visited adult websites. The subject of the email message is “Your account is being used by another person!”
The purpose of this scam is to scare you enough into paying the scammer in Bitcoin. The message claims that they have recorded you through your camera while you were visiting adult websites and if you do not send money to their Bitcoin wallet they will send videos of you that they recorded while you were visiting adult websites to your contacts.
If I don’t get bitcoins, I will send your video to all your contacts, including family members, colleagues, etc.
This is a scam, your account was not hacked, and there are no videos of you visiting adult websites. If you have never visited an adult website before, you will receive the same message that says otherwise. If your device does not have a camera on it, the message will still claim to have recorded you through your camera.
Unfortunately, this is a sign that your information was possibly leaked online following a breach that occurred on websites like Adobe, LinkedIn, or Yahoo. Scammers use the information leaked about you (such as your email address, email account password, and telephone number) against you in order to attempt to blackmail you.
To find out where your information may have been leaked or which breach may have been leaked your information go to https://haveibeenpwned.com/ and submit your email address.
Transcript from email message:
Subject: Your account is being used by another person!
From: [Your email address]
To: [Your password]Hi, stranger!
I know the [Your password], this is your password, and I sent you this message from your account.
If you have already changed your password, my malware will be intercepts it every time.You may not know me, and you are most likely wondering why you are receiving this email, right?
In fact, I posted a malicious program on adults (pornography) of some websites, and you know that you visited these websites to enjoy
(you know what I mean).While you were watching video clips,
my trojan started working as a RDP (remote desktop) with a keylogger that gave me access to your screen as well as a webcam.Immediately after this, my program gathered all your contacts from messenger, social networks, and also by e-mail.
What I’ve done?
I made a double screen video.
The first part shows the video you watched (you have good taste, yes … but strange for me and other normal people),
and the second part shows the recording of your webcam.What should you do?
Well, I think $713 (USD dollars) is a fair price for our little secret.
You will make a bitcoin payment (if you don’t know, look for “how to buy bitcoins” on Google).BTC Address: 16LBDius3vg6ufFvnc7PGXfiTZgphuZgr5
(This is CASE sensitive, please copy and paste it)Remarks:
You have 2 days (48 hours) to pay. (I have a special code, and at the moment I know that you have read this email).If I don’t get bitcoins, I will send your video to all your contacts, including family members, colleagues, etc.
However, if I am paid, I will immediately destroy the video, and my trojan will be destruct someself.If you want to get proof, answer “Yes!” and resend this letter to youself.
And I will definitely send your video to your any 16 contacts.This is a non-negotiable offer, so please do not waste my personal and other people’s time by replying to this email.
Bye!
Although the email message might seem like a real threat, it’s not. It is a confirmed scam and you have nothing to worry about. The same exact message has been sent to many people and there have been many campaigns like it in the past.
Do not pay the scammer. They have not accessed your email account and they have not taken photos or videos of you. The only thing that you need to do is change the password to your email account and wherever else you reused the password to ensure your privacy and safety. Here are some tips when making a new password:
- Do not reuse the same password for multiple accounts. Use unique passwords wherever possible.
- Use strong passwords with numbers, letters, and special characters such as !@$#.
- Use two-factor authentication to add an extra layer of security along with your password.
- Use a reputable password manager if you have trouble remembering multiple passwords.
The email message claims to have infected your computer with malware, but that’s not true. However, if you would like to scan your computer for malware and other potentially malicious files using Malwarebytes follow these instructions:
1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.
2. To install the program, click the file you just downloaded. It can usually be located in the Download folder.
3. A window that says “Welcome to the Malwarebytes Setup Wizard” will appear. Click Agree and Install to begin the installation. Once complete, click Finish.
4. Now the Malwarebytes is installed, open the program and click the Scan Now button – or go to the Scan tab and click the Start Scan button.
3. When the scan is complete click the Quarantine Selected button.
4. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.
Whats actually annoying is the contact number shown, its not accurate, but might have been at one time, that probably leads many to think its legit, that should be mentioned in the main body of the article